56 lines
1.2 KiB
Plaintext
56 lines
1.2 KiB
Plaintext
|
#pragma curve bw6_761
|
||
|
|
||
|
from "EMBED" import snark_verify_bls12_377 as verify;
|
||
|
|
||
|
struct ProofInner {
|
||
|
field[2] a;
|
||
|
field[2][2] b;
|
||
|
field[2] c;
|
||
|
}
|
||
|
|
||
|
struct Proof<N> {
|
||
|
ProofInner proof;
|
||
|
field[N] inputs;
|
||
|
}
|
||
|
|
||
|
struct VerificationKey<N> {
|
||
|
field[2][2] h;
|
||
|
field[2] g_alpha;
|
||
|
field[2][2] h_beta;
|
||
|
field[2] g_gamma;
|
||
|
field[2][2] h_gamma;
|
||
|
field[N][2] query; // input length + 1
|
||
|
}
|
||
|
|
||
|
def flat<N, F>(field[N][2] input) -> field[F] {
|
||
|
assert(F == N * 2);
|
||
|
field[F] mut out = [0; F];
|
||
|
for u32 i in 0..N {
|
||
|
for u32 j in 0..2 {
|
||
|
out[(i * 2) + j] = input[i][j];
|
||
|
}
|
||
|
}
|
||
|
return out;
|
||
|
}
|
||
|
|
||
|
def main<N, Q>(Proof<N> proof, VerificationKey<Q> vk) -> bool {
|
||
|
assert(Q == N + 1); // query length (Q) should be N + 1
|
||
|
field[8] flat_proof = [
|
||
|
...proof.proof.a,
|
||
|
...flat::<2, 4>(proof.proof.b),
|
||
|
...proof.proof.c
|
||
|
];
|
||
|
|
||
|
u32 two_Q = 2 * Q;
|
||
|
|
||
|
field[16 + (2 * Q)] flat_vk = [
|
||
|
...flat::<2, 4>(vk.h),
|
||
|
...vk.g_alpha,
|
||
|
...flat::<2, 4>(vk.h_beta),
|
||
|
...vk.g_gamma,
|
||
|
...flat::<2, 4>(vk.h_gamma),
|
||
|
...flat::<Q, two_Q>(vk.query)
|
||
|
];
|
||
|
|
||
|
return verify(proof.inputs, flat_proof, flat_vk);
|
||
|
}
|